<?php
	ob_start();
	error_reporting(E_ALL);
	ini_set('display_errors', 1);

	include 'inc/config.php';
	include 'inc/db.php';
	include 'inc/security.php';

	sec_session_start();

	$salt = 'the_sett_salt';
	$error = true;
	$code = 0;

	if (isset($_REQUEST['email'], $_REQUEST['pwd'], $_REQUEST['checksum'], $_REQUEST['now'])) {
		$check = $_REQUEST['checksum'];
		$email = $_REQUEST['email'];
		$password = $_REQUEST['pwd'];

		if ($check == md5($_REQUEST['now'].'|'.$salt)) {

			if (login($email, $password) == true) {
				if ($_SESSION['verified'] == 0) $code = 3;
				else {
					$error = false;
					header('location: dashboard');
				}
			} else $code = 2;
		} else $code = 1;
	}

	if ($error) {
		$_SESSION = array();
		session_destroy();
		header('location: '.LOGIN.'?error='.$code);
	}

	ob_flush();
?>